VIRY.CZ

Ahoj můžete mi mrknout na log. Mozila mi dělá neplechu. Díky.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Sima a Nika (administrator) on SIMAANIKA-PC (31-07-2016 13:16:35)
Running from C:\Users\Sima a Nika\Desktop
Loaded Profiles: Sima a Nika (Available Profiles: Sima a Nika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-08-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-27] (Apple Computer, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify Web Helper] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [HKCU] => C:\Windows\system32\win32\task manager
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Viber] => "C:\Users\Sima a Nika\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C37B3631-7467-4BE4-A647-53B16BB4F7F4}: [DhcpNameServer] 178.22.112.22 178.22.118.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> 0A3FC045D4DF465317F35C396DFBBB14 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {464EE582-7BD1-4D57-B243-CA0EEE27398A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {572DF0E2-25D9-4927-847B-336D610538F7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {6637F2DC-D6F1-4EDC-98EC-9AB6C320D376} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {8A6A28B6-26D0-4073-8052-66B09D6D47BA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {A5F45262-79B5-4278-A5D7-5B97E429DA5D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {D428D2F7-B945-4FE8-BCAD-F97932648599} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {F3B9CF11-C16F-43DB-A5C7-D131E967699D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {FE077360-64A3-401A-B0F4-A70C17E19D89} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c
FF DefaultSearchEngine: nice
FF SearchEngineOrder.1: nice
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2795660459-1446932787-3981253488-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sima a Nika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js [2016-06-29]
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js [2016-06-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2016-01-27] (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\yahoososo.xml [2016-04-26]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-03-16]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\zbozi.cz-171846.xml [2015-11-20]
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-18]
FF Extension: xRocket Toolbar - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\arthurj8283@gmail.com [2016-06-29] [not signed]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: GsearchFinder - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-15]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\extensions\arthurj8283@gmail.com

Chrome:
=======
CHR Profile: C:\Users\Sima a Nika\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-08-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-08-12] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [713216 2016-03-24] (Qksee Pvt Ltd.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-20] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [421080 2016-07-12] ()
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1140792 2016-05-27] (Winziper Pvt Ltd.) <==== ATTENTION
S2 yahoochromebase; C:\ProgramData\desktopfind\desktop264.exe [236728 2016-04-26] (DeskTopService)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-08-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-08-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-08-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-08-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-08-12] ()
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-21] (Symantec Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-12] (Avast Software)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-31 13:16 - 2016-07-31 13:16 - 00030025 _____ C:\Users\Sima a Nika\Desktop\FRST.txt
2016-07-31 13:16 - 2016-07-31 13:16 - 00000000 ____D C:\FRST
2016-07-31 13:15 - 2016-07-31 13:15 - 02394112 _____ (Farbar) C:\Users\Sima a Nika\Desktop\FRST64.exe
2016-07-24 17:10 - 2016-07-25 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 15:01 - 2016-07-24 14:47 - 63474515 _____ C:\Users\Sima a Nika\Documents\CAM01220.mp4
2016-07-24 14:48 - 2016-07-24 14:47 - 63474515 ____N C:\Users\Sima a Nika\Desktop\CAM01220.mp4
2016-07-15 10:38 - 2016-07-15 10:38 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-07-14 17:27 - 2016-07-15 14:36 - 00000000 ____D C:\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\Documents\My Games
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-13 18:35 - 2016-07-15 10:39 - 00000000 ____D C:\ProgramData\6winp6
2016-07-13 18:35 - 2016-07-13 18:35 - 00003452 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\WinSaber
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\1rq4lmua

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-31 13:13 - 2015-11-09 17:50 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\Spotify
2016-07-31 13:13 - 2015-11-09 17:49 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Spotify
2016-07-31 13:12 - 2016-02-06 20:52 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Skype
2016-07-31 12:59 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-31 12:59 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-31 12:55 - 2015-10-20 15:47 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz
2016-07-31 12:55 - 2015-08-12 20:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-31 12:51 - 2015-10-19 14:03 - 00000000 ____D C:\ProgramData\Origin
2016-07-31 12:49 - 2016-03-24 13:58 - 00000000 ____D C:\Program Files (x86)\qksee
2016-07-31 12:49 - 2016-01-27 19:07 - 00054156 ____H C:\Windows\QTFont.qfn
2016-07-31 12:49 - 2015-08-14 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-31 12:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-30 21:36 - 2016-05-03 16:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-30 19:55 - 2016-03-24 14:01 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-07-30 19:55 - 2015-08-12 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-25 13:09 - 2011-04-12 10:34 - 00672394 _____ C:\Windows\system32\perfh005.dat
2016-07-25 13:09 - 2011-04-12 10:34 - 00142580 _____ C:\Windows\system32\perfc005.dat
2016-07-25 13:09 - 2009-07-14 07:13 - 01594292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 13:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 15:38 - 2016-05-03 16:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:38 - 2015-09-17 17:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:38 - 2015-09-17 17:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:38 - 2015-09-17 17:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 15:38 - 2015-09-17 17:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 11:31 - 2016-06-16 13:07 - 00000000 ____D C:\Program Files (x86)\TData
2016-07-13 18:35 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-07-13 15:00 - 2015-08-12 22:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:00 - 2015-08-12 22:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

Some files in TEMP:
====================
C:\Users\Sima a Nika\AppData\Local\Temp\bitool.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dyndata_7320011.dll
C:\Users\Sima a Nika\AppData\Local\Temp\dt_A3C2.tmp.exe
C:\Users\Sima a Nika\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Sima a Nika\AppData\Local\Temp\Firefox Setup 39.0.exe
C:\Users\Sima a Nika\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Sima a Nika\AppData\Local\Temp\ReIcon_x64.exe
C:\Users\Sima a Nika\AppData\Local\Temp\sqlite3.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ssins.exe
C:\Users\Sima a Nika\AppData\Local\Temp\tmpCB78.exe
C:\Users\Sima a Nika\AppData\Local\Temp\unins000.exe
C:\Users\Sima a Nika\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Sima a Nika\AppData\Local\Temp\_is94C1.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-14 20:51

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.032 - Logfile created 05/02/2016 at 18:13:42
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Sima a Nika - SIMAANIKA-PC
# Running from : C:\Users\Sima a Nika\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Earth Networks
[-] Folder Deleted : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [901 bytes] ##########
# AdwCleaner v5.201 - Log vytvořen 31/07/2016 v 13:35:23
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-31.2 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Sima a Nika - SIMAANIKA-PC
# Spuštěno z : C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[!] Služba Ne Smazáno : iSafeKrnl
[!] Služba Ne Smazáno : iSafeKrnlBoot
[!] Služba Ne Smazáno : iSafeKrnlKit
[-] Služba Smazáno : iSafeKrnlMon
[!] Služba Ne Smazáno : iSafeKrnlR3
[!] Služba Ne Smazáno : iSafeNetFilter
[!] Služba Ne Smazáno : iSafeService
[-] Služba Smazáno : winzipersvc
[-] Služba Smazáno : ggbugreport
[-] Služba Smazáno : Winsere
[-] Služba Smazáno : qkseeService
[-] Služba Smazáno : yahoochromebase
[-] Služba Smazáno : winsaber

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\desktopfind
[-] Složka Smazáno : C:\ProgramData\ChelfNotify
[-] Složka Smazáno : C:\ProgramData\6winp6
[-] Složka Smazáno : C:\ProgramData\9winp9
[-] Složka Smazáno : C:\ProgramData\EwinpE
[-] Složka Smazáno : C:\ProgramData\XwinpX
[#] Složka Smazáno : C:\ProgramData\Application Data\desktopfind
[#] Složka Smazáno : C:\ProgramData\Application Data\ChelfNotify
[#] Složka Smazáno : C:\ProgramData\Application Data\6winp6
[#] Složka Smazáno : C:\ProgramData\Application Data\9winp9
[#] Složka Smazáno : C:\ProgramData\Application Data\EwinpE
[#] Složka Smazáno : C:\ProgramData\Application Data\XwinpX
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[#] Složka Smazáno : C:\Program Files (x86)\Elex-tech
[-] Složka Smazáno : C:\Program Files (x86)\SFK
[-] Složka Smazáno : C:\Program Files (x86)\WinZipper
[-] Složka Smazáno : C:\Program Files (x86)\SearchesToYesbnd
[-] Složka Smazáno : C:\Program Files (x86)\TData
[-] Složka Smazáno : C:\Program Files (x86)\Winsere
[-] Složka Smazáno : C:\Program Files (x86)\WinTaske
[-] Složka Smazáno : C:\Program Files (x86)\qksee
[-] Složka Smazáno : C:\Program Files (x86)\QQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\TXQQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\WinSaber
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\eCyber
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\TSv
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\qksee
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\WinZiper
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\extensions\arthurj8283@gmail.com
[-] Složka Smazáno : C:\Users\Public\Documents\dmp
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[#] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml
[-] Soubor Smazáno : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeNetFilter.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****

[-] Zástupce Vyléčeno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : WinTaske
[-] Úloha Smazáno : Browser Updater Task(Core)
[-] Úloha Smazáno : ChelfNotify Task

***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.bmp
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.gif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.ico
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpeg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.png
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.tif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč Smazáno : HKCU\Software\Earth Networks
[-] Klíč Smazáno : HKLM\SOFTWARE\Elex-tech
[-] Klíč Smazáno : HKLM\SOFTWARE\hdcode
[-] Klíč Smazáno : HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč Smazáno : HKLM\SOFTWARE\qkseeSvc
[-] Klíč Smazáno : HKLM\SOFTWARE\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBug®
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\Elex-tech
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\attirerpage.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService

***** [ Prohlížeče ] *****

[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpC34mBHUlBU. ... =ffsengext");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffs ... v=20160315");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [20239 bytů] - [05/02/2016 19:13:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [22114 bytů] - [05/02/2016 19:12:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20387 bytů] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Sima a Nika (administrator) on SIMAANIKA-PC (02-08-2016 10:21:22)
Running from C:\Users\Sima a Nika\Desktop
Loaded Profiles: Sima a Nika (Available Profiles: Sima a Nika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-08-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-27] (Apple Computer, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify Web Helper] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [HKCU] => C:\Windows\system32\win32\task manager
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Viber] => "C:\Users\Sima a Nika\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C37B3631-7467-4BE4-A647-53B16BB4F7F4}: [DhcpNameServer] 178.22.112.22 178.22.118.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> 0A3FC045D4DF465317F35C396DFBBB14 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {464EE582-7BD1-4D57-B243-CA0EEE27398A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {572DF0E2-25D9-4927-847B-336D610538F7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {6637F2DC-D6F1-4EDC-98EC-9AB6C320D376} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {8A6A28B6-26D0-4073-8052-66B09D6D47BA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {A5F45262-79B5-4278-A5D7-5B97E429DA5D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {D428D2F7-B945-4FE8-BCAD-F97932648599} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {F3B9CF11-C16F-43DB-A5C7-D131E967699D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {FE077360-64A3-401A-B0F4-A70C17E19D89} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2795660459-1446932787-3981253488-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sima a Nika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js [2016-06-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2016-01-27] (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\yahoososo.xml [2016-04-26]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-18]

Chrome:
=======
CHR Profile: C:\Users\Sima a Nika\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-08-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-08-12] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-20] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-08-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-08-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-08-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-08-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-08-12] ()
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-21] (Symantec Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-12] (Avast Software)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-31 14:19 - 2016-07-31 14:19 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-31 14:17 - 2016-07-31 14:17 - 00242320 _____ C:\Users\Sima a Nika\Desktop\Firefox Setup Stub 47.0.1.exe
2016-07-31 13:46 - 2016-07-31 13:46 - 00020502 _____ C:\Users\Sima a Nika\Desktop\AdwCleaner[C1].txt
2016-07-31 13:42 - 2016-07-31 13:42 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
2016-07-31 13:42 - 2016-05-19 08:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-07-31 13:33 - 2016-07-31 13:33 - 03712064 _____ C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
2016-07-31 13:20 - 2016-07-31 13:20 - 00013443 _____ C:\Users\Sima a Nika\Desktop\Addition.rar
2016-07-31 13:16 - 2016-08-02 10:21 - 00025153 _____ C:\Users\Sima a Nika\Desktop\FRST.txt
2016-07-31 13:16 - 2016-08-02 10:21 - 00000000 ____D C:\FRST
2016-07-31 13:16 - 2016-07-31 13:17 - 00054316 _____ C:\Users\Sima a Nika\Desktop\Addition.txt
2016-07-31 13:15 - 2016-07-31 13:15 - 02394112 _____ (Farbar) C:\Users\Sima a Nika\Desktop\FRST64.exe
2016-07-24 17:10 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 15:01 - 2016-07-24 14:47 - 63474515 _____ C:\Users\Sima a Nika\Documents\CAM01220.mp4
2016-07-24 14:48 - 2016-07-24 14:47 - 63474515 ____N C:\Users\Sima a Nika\Desktop\CAM01220.mp4
2016-07-15 10:38 - 2016-07-15 10:38 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-07-14 17:27 - 2016-07-15 14:36 - 00000000 ____D C:\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\Documents\My Games
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\1rq4lmua

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-02 10:21 - 2015-11-09 17:50 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\Spotify
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:05 - 2015-11-09 17:49 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Spotify
2016-08-02 10:05 - 2015-10-20 15:47 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz
2016-08-02 10:01 - 2015-10-19 14:03 - 00000000 ____D C:\ProgramData\Origin
2016-08-02 10:00 - 2016-01-27 19:07 - 00054156 ____H C:\Windows\QTFont.qfn
2016-08-02 10:00 - 2015-08-14 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-02 10:00 - 2015-08-12 20:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-02 09:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 21:36 - 2016-05-03 16:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-01 20:16 - 2016-06-16 15:01 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\CrashDumps
2016-08-01 11:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-01 11:05 - 2015-08-20 16:56 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\ElevatedDiagnostics
2016-07-31 14:05 - 2016-02-06 20:52 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Skype
2016-07-31 13:37 - 2016-05-05 13:38 - 00000000 ____D C:\Windows\system32\log
2016-07-31 13:34 - 2016-02-05 19:12 - 00000000 ____D C:\AdwCleaner
2016-07-25 13:09 - 2011-04-12 10:34 - 00672394 _____ C:\Windows\system32\perfh005.dat
2016-07-25 13:09 - 2011-04-12 10:34 - 00142580 _____ C:\Windows\system32\perfc005.dat
2016-07-25 13:09 - 2009-07-14 07:13 - 01594292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 13:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 15:38 - 2016-05-03 16:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:38 - 2015-09-17 17:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:38 - 2015-09-17 17:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:38 - 2015-09-17 17:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 15:38 - 2015-09-17 17:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 15:00 - 2015-08-12 22:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:00 - 2015-08-12 22:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

Some files in TEMP:
====================
C:\Users\Sima a Nika\AppData\Local\Temp\bitool.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dyndata_7320011.dll
C:\Users\Sima a Nika\AppData\Local\Temp\dt_A3C2.tmp.exe
C:\Users\Sima a Nika\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Sima a Nika\AppData\Local\Temp\Firefox Setup 39.0.exe
C:\Users\Sima a Nika\AppData\Local\Temp\libeay32.dll
C:\Users\Sima a Nika\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Sima a Nika\AppData\Local\Temp\msvcr120.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ReIcon_x64.exe
C:\Users\Sima a Nika\AppData\Local\Temp\sqlite3.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ssins.exe
C:\Users\Sima a Nika\AppData\Local\Temp\tmpCB78.exe
C:\Users\Sima a Nika\AppData\Local\Temp\unins000.exe
C:\Users\Sima a Nika\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Sima a Nika\AppData\Local\Temp\_is94C1.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-14 20:51

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts= ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts= ... 1059310593
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
C:\Program Files (x86)\1rq4lmua
C:\Users\Sima a Nika\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
C:\Program Files (x86)\1rq4lmua
C:\Users\Sima a Nika\AppData\Local\Temp
End
*****************

"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0eda44fd-43f2-11e5-85d7-448a5b26731a}" => key removed successfully
HKCR\CLSID\{0eda44fd-43f2-11e5-85d7-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b7040a6-77e4-11e5-9b7d-448a5b26731a}" => key removed successfully
HKCR\CLSID\{5b7040a6-77e4-11e5-9b7d-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67c2874b-4127-11e5-9b2f-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{67c2874b-4127-11e5-9b2f-806e6f6e6963} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6da64602-1c30-11e6-9a39-448a5b26731a}" => key removed successfully
HKCR\CLSID\{6da64602-1c30-11e6-9a39-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193da-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193da-9e42-11e5-9b61-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193e8-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193e8-9e42-11e5-9b61-448a5b26731a} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Could not move "C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml" => Scheduled to move on reboot.
C:\Program Files (x86)\1rq4lmua => moved successfully

"C:\Users\Sima a Nika\AppData\Local\Temp" folder move:

Could not move "C:\Users\Sima a Nika\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-02 18:49:30)

C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml => Is moved successfully
C:\Users\Sima a Nika\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:49:30 ====

Smazáno. Nastala nějaká změna?

No teď Firefox nejde spustit hlásí že "Profil Firefox nelze spustit, buď chybí nebo je zaneprázdněný" Explorer funguje normálně.
Mám zkusit Firefox přeinstalovat?

Určitě ano.